CVE-2022-48591
CVE-2022-48591 describes a SQL injection in the ScienceLogic SL1 product, arising from the vendor_state parameter used by the “vendor print report” feature. The vulnerability occurs when unsanitized user input is passed directly into a SQL query, allowing arbitrary SQL execution against the datab...